----- "Scot P. Floess" sfloess@nc.rr.com wrote:
Anybody know what I need to do :) I've been bouncing dhcpd in /etc/rc.local and starting any VMs there. Although annoying, I'd rather do it "right" so I can auto start my Xen guests...
If you want to do it correctly, don't run dhcpd in domain 0. :) You're exposing your host to traffic that it doesn't need to deal with, which can be bad for performance and is bad for security. You're also putting one extra service there that isn't solely related to keeping the ground beneath the guests, the only thing domain 0 should be doing. Start a guest to run dhcpd in auto and name the sym link in auto something like "00-guestname" so it runs before the other guests. If you have two or more physical hosts and you run ISC dhcpd, run another one of these guests as a dhcp failover peer on another host.
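The start-order advice above, as an added example that is not part of the original thread: it assumes the xendomains init script starts the configs linked in /etc/xen/auto in sorted glob order. The function names and the scratch directory are hypothetical.

```shell
#!/bin/sh
# Assumption: the xendomains init script starts every config linked in
# /etc/xen/auto in shell-glob (sorted) order. Directories are parameters so
# the functions can be tried in a scratch directory first.

# start_order AUTO_DIR: print link names in the order a sorted glob visits them.
start_order() {
    for link in "$1"/*; do
        [ -e "$link" ] || [ -L "$link" ] || continue
        basename "$link"
    done
}

# link_first AUTO_DIR CONFIG: link CONFIG as 00-<name> and drop any other
# link to the same config, so the guest is not listed twice.
link_first() {
    auto_dir=$1
    config=$2
    name=$(basename "$config")
    for link in "$auto_dir"/*; do
        [ -L "$link" ] || continue
        if [ "$(readlink "$link")" = "$config" ]; then
            rm -f "$link"
        fi
    done
    ln -s "$config" "$auto_dir/00-$name"
}

# Constructed sample: three guest configs, with the dhcp guest moved to the front.
demo_order() {
    tmp=$(mktemp -d)
    mkdir "$tmp/xen" "$tmp/auto"
    for g in dhcp db web; do
        : > "$tmp/xen/$g"
        ln -s "$tmp/xen/$g" "$tmp/auto/$g"
    done
    link_first "$tmp/auto" "$tmp/xen/dhcp"
    start_order "$tmp/auto" | paste -sd ' ' -
    rm -rf "$tmp"
}

demo_order
```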
So, to be honest this is running on my home network ;) I'm not too worried about security - there is nothing sensitive on my network as is :)
Interesting, I never considered running a guest VM and it serving up dhcp addresses :D
So, one thing about my home network is my machines don't all have much RAM. This particular machine has 1 GB and is my "administrative" server - DNS, NIS, NFS, etc... I slivered off a small VM for a postgres DB and like it to start up when the machine boots. I do, sometimes bring that down and bring up another VM...
I definitely understand what you mean though - but this isn't mission critical or anything so I don't mind it doing what it's doing - it works fine to date by bouncing dhcpd - but I hate that ;) I may try to get my cable modem-router to serve up dhcp - but I don't think it'll let me do ddns internally (that's another thing I am doing inside my network)...
On Fri, 6 Nov 2009, Christopher G. Stach II wrote:
----- "Scot P. Floess" sfloess@nc.rr.com wrote:
Anybody know what I need to do :) I've been bouncing dhcpd in /etc/rc.local and starting any VMs there. Although annoying, I'd rather do it "right" so I can auto start my Xen guests...
If you want to do it correctly, don't run dhcpd in domain 0. :) You're exposing your host to traffic that it doesn't need to deal with, which can be bad for performance and is bad for security. You're also putting one extra service there that isn't solely related to keeping the ground beneath the guests, the only thing domain 0 should be doing. Start a guest to run dhcpd in auto and name the sym link in auto something like "00-guestname" so it runs before the other guests. If you have two or more physical hosts and you run ISC dhcpd, run another one of these guests as a dhcp failover peer on another host.
-- Christopher G. Stach II
CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Scot P. Floess 27 Lake Royale Louisburg, NC 27549
252-478-8087 (Home) 919-890-8117 (Work)
Chief Architect JPlate http://sourceforge.net/projects/jplate Chief Architect JavaPIM http://sourceforge.net/projects/javapim
Architect Keros http://sourceforge.net/projects/keros
In both my office and home network I DHCP off of the perimeter router/firewalls. Works fine. More than one DHCP server on a network is always problematic. On my office network, once I have the lease on a device, I can force its MAC address to an IP address, in effect creating a static IP without touching the guest's NIC setup and not having to worry about future DNS server, routing, or gateway changes setups on guests and other dhcp clients.
On 11/06/2009 07:05 PM, Scot P. Floess wrote:
So, to be honest this is running on my home network ;) I'm not too worried about security - there is nothing sensitive on my network as is :)
Interesting, I never considered running a guest VM and it serving up dhcp addresses :D
So, one thing about my home network is my machines don't all have much RAM. This particular machine has 1 GB and is my "administrative" server - DNS, NIS, NFS, etc... I slivered off a small VM for a postgres DB and like it to start up when the machine boots. I do, sometimes bring that down and bring up another VM...
I definitely understand what you mean though - but this isn't mission critical or anything so I don't mind it doing what it's doing - it works fine to date by bouncing dhcpd - but I hate that ;) I may try to get my cable modem-router to serve up dhcp - but I don't think it'll let me do ddns internally (that's another thing I am doing inside my network)...
64 MB is plenty for a minimal C5 running dhcpd. been there, done that.

[root@xenh1 ~]# xm list
Name              ID  Mem(MiB)  VCPUs  State     Time(s)
Domain-0           0       692      2  r-----    34832.4
backup             1       126      1  -b----     8412.6
biblioteca         2       510      1  -b----    67702.6
bugzilla           3       254      1  -b----    17413.8
cvs                8       254      1  -b----    13618.4
issuetracker       5       126      1  -b----     3113.2
newswdep          21      1279      1  -b----   459183.3

[root@router ~]# xm list   // machines running C4
Name              ID  Mem(MiB)  VCPUs  State     Time(s)
Domain-0           0       694      1  r-----    94637.2
ls1                8        64      1  -b----     1770.9
ls2               12        64      1  -b----      532.7
ls3               11        64      1  -b----      528.1
ls4               10        64      1  -b----      623.8
ls5                9        64      1  -b----      628.5
Hee - yep understood... My DB VM is only 256 MB - it works just fine :)
On Fri, 6 Nov 2009, Manuel Wolfshant wrote:
64 MB is plenty for a minimal C5 running dhcpd. been there, done that.

[root@xenh1 ~]# xm list
Name              ID  Mem(MiB)  VCPUs  State     Time(s)
Domain-0           0       692      2  r-----    34832.4
backup             1       126      1  -b----     8412.6
biblioteca         2       510      1  -b----    67702.6
bugzilla           3       254      1  -b----    17413.8
cvs                8       254      1  -b----    13618.4
issuetracker       5       126      1  -b----     3113.2
newswdep          21      1279      1  -b----   459183.3

[root@router ~]# xm list   // machines running C4
Name              ID  Mem(MiB)  VCPUs  State     Time(s)
Domain-0           0       694      1  r-----    94637.2
ls1                8        64      1  -b----     1770.9
ls2               12        64      1  -b----      532.7
ls3               11        64      1  -b----      528.1
ls4               10        64      1  -b----      623.8
ls5                9        64      1  -b----      628.5